A privilege refers to a level of authorisation granted to a user, process, account or application, enabling it to access system resources (files, databases, networks) or perform specific actions (install software, change configurations, manage accounts).
📌 Features
Access hierarchy :
- Privileges vary according to role (e.g. standard user vs. administrator).
- An account director (root/Admin) has elevated privileges, unlike a normal user.
Principle of least privilege
- It is good practice to limit rights to what is strictly necessary to reduce risks (exposure to attacks, human error).
Associated risks
- Elevation of privileges A vulnerability allowing an attacker to obtain superior rights.
- Abuse of privileges Malicious or accidental use of excessive rights.
Management
- Use of models such as the RBAC (Role-Based Access Control) to assign rights based on roles.
- Regular audits and revocation of unnecessary access.
👉 Example an account with administrator privileges can modify parameters system, whereas a standard user can only use authorised applications.
